fastlane 2.129.0 → 2.134.0

data/match/lib/match/generator.rb

@@ -11,6 +11,7 @@ module Match
 
       arguments = FastlaneCore::Configuration.create(Cert::Options.available_options, {
         development: params[:type] == "development",
+        generate_apple_certs: params[:generate_apple_certs],
         output_path: output_path,
         force: true, # we don't need a certificate without its private key, we only care about a new certificate
         username: params[:username],

data/match/lib/match/importer.rb

@@ -17,7 +17,7 @@ module Match
       UI.user_error!("Certificate does not exist at path: #{cert_path}") unless File.exist?(cert_path)
       UI.user_error!("Private key does not exist at path: #{p12_path}") unless File.exist?(p12_path)
 
-      # Base64 encrypt contents to find match from API to find a cert ID
+      # Base64 encode contents to find match from API to find a cert ID
       cert_contents_base_64 = Base64.strict_encode64(File.open(cert_path).read)
 
       # Storage
@@ -72,7 +72,7 @@ module Match
         cert.certificate_content == cert_contents_base_64
       end
 
-      UI.error!("This certificate cannot be imported - the certificate contents did not match with any available on the Developer Portal") if matching_cert.nil?
+      UI.user_error!("This certificate cannot be imported - the certificate contents did not match with any available on the Developer Portal") if matching_cert.nil?
 
       # Make dir if doesn't exist
       FileUtils.mkdir_p(output_dir)

data/match/lib/match/module.rb

@@ -1,8 +1,10 @@
 require 'fastlane_core/helper'
+require 'fastlane/boolean'
 
 module Match
   Helper = FastlaneCore::Helper # you gotta love Ruby: Helper.* should use the Helper class contained in FastlaneCore
   UI = FastlaneCore::UI
+  Boolean = Fastlane::Boolean
   ROOT = Pathname.new(File.expand_path('../../..', __FILE__))
   DESCRIPTION = "Easily sync your certificates and profiles across your team"
 

data/match/lib/match/nuke.rb

@@ -100,7 +100,7 @@ module Match
       prov_types = [:enterprise] if cert_type == :enterprise
 
       Spaceship.login(params[:username])
-      Spaceship.select_team
+      Spaceship.select_team(team_id: params[:team_id], team_name: params[:team_name])
 
       if Spaceship.client.in_house? && (type == "distribution" || type == "enterprise")
         UI.error("---")
@@ -112,7 +112,7 @@ module Match
         UI.user_error!("Enterprise account nuke cancelled") unless UI.confirm("Do you really want to nuke your Enterprise account?")
       end
 
-      self.certs = certificate_type(cert_type).all
+      self.certs = certificate_type(cert_type).flat_map(&:all)
       self.profiles = []
       prov_types.each do |prov_type|
         self.profiles += profile_type(prov_type).all
@@ -241,9 +241,9 @@ module Match
     # The kind of certificate we're interested in
     def certificate_type(type)
       {
-        distribution: Spaceship.certificate.production,
-        development:  Spaceship.certificate.development,
-        enterprise:   Spaceship.certificate.in_house
+        distribution: [Spaceship.certificate.production, Spaceship.certificate.apple_distribution],
+        development:  [Spaceship.certificate.development, Spaceship.certificate.apple_development],
+        enterprise:   [Spaceship.certificate.in_house]
       }[type] ||= raise "Unknown type '#{type}'"
     end
 

data/match/lib/match/options.rb

@@ -32,6 +32,17 @@ module Match
                                      description: "Only fetch existing certificates and profiles, don't generate new ones",
                                      is_string: false,
                                      default_value: false),
+        FastlaneCore::ConfigItem.new(key: :generate_apple_certs,
+                                     env_name: "MATCH_GENERATE_APPLE_CERTS",
+                                     description: "Create a certificate type for Xcode 11 and later (Apple Development or Apple Distribution)",
+                                     type: Boolean,
+                                     default_value: FastlaneCore::Helper.mac? && FastlaneCore::Helper.xcode_at_least?('11'),
+                                     default_value_dynamic: true),
+        FastlaneCore::ConfigItem.new(key: :skip_provisioning_profiles,
+                                     env_name: "MATCH_SKIP_PROVISIONING_PROFILES",
+                                     description: "Skip syncing provisioning profiles",
+                                     is_string: false,
+                                     default_value: false),
 
         # app
         FastlaneCore::ConfigItem.new(key: :app_identifier,
@@ -110,6 +121,12 @@ module Match
                                      description: "Clone just the branch specified, instead of the whole repo. This requires that the branch already exists. Otherwise the command will fail",
                                      is_string: false,
                                      default_value: false),
+        FastlaneCore::ConfigItem.new(key: :git_basic_authorization,
+                                     env_name: "MATCH_GIT_BASIC_AUTHORIZATION",
+                                     sensitive: true,
+                                     description: "Use a basic authorization header to access the git repo (e.g.: access via HTTPS, GitHub Actions, etc), usually a string in Base64",
+                                     optional: true,
+                                     default_value: nil),
 
         # Storage: Google Cloud
         FastlaneCore::ConfigItem.new(key: :google_cloud_bucket_name,

data/match/lib/match/runner.rb

@@ -37,7 +37,9 @@ module Match
         git_full_name: params[:git_full_name],
         git_user_email: params[:git_user_email],
         clone_branch_directly: params[:clone_branch_directly],
+        git_basic_authorization: params[:git_basic_authorization],
         type: params[:type].to_s,
+        generate_apple_certs: params[:generate_apple_certs],
         platform: params[:platform].to_s,
         google_cloud_bucket_name: params[:google_cloud_bucket_name].to_s,
         google_cloud_keys_file: params[:google_cloud_keys_file].to_s,
@@ -85,12 +87,14 @@ module Match
       spaceship.certificate_exists(username: params[:username], certificate_id: cert_id) if spaceship
 
       # Provisioning Profiles
-      app_identifiers.each do |app_identifier|
-        loop do
-          break if fetch_provisioning_profile(params: params,
-                                      certificate_id: cert_id,
-                                      app_identifier: app_identifier,
-                                   working_directory: storage.working_directory)
+      unless params[:skip_provisioning_profiles]
+        app_identifiers.each do |app_identifier|
+          loop do
+            break if fetch_provisioning_profile(params: params,
+                                        certificate_id: cert_id,
+                                        app_identifier: app_identifier,
+                                    working_directory: storage.working_directory)
+          end
         end
       end
 

data/match/lib/match/storage/git_storage.rb

@@ -17,6 +17,7 @@ module Match
       attr_accessor :clone_branch_directly
       attr_accessor :type
       attr_accessor :platform
+      attr_accessor :git_basic_authorization
 
       def self.configure(params)
         return self.new(
@@ -28,7 +29,8 @@ module Match
           branch: params[:git_branch],
           git_full_name: params[:git_full_name],
           git_user_email: params[:git_user_email],
-          clone_branch_directly: params[:clone_branch_directly]
+          clone_branch_directly: params[:clone_branch_directly],
+          git_basic_authorization: params[:git_basic_authorization]
         )
       end
 
@@ -40,7 +42,8 @@ module Match
                      branch: "master",
                      git_full_name: nil,
                      git_user_email: nil,
-                     clone_branch_directly: false)
+                     clone_branch_directly: false,
+                     git_basic_authorization: nil)
         self.git_url = git_url
         self.shallow_clone = shallow_clone
         self.skip_docs = skip_docs
@@ -48,6 +51,7 @@ module Match
         self.git_full_name = git_full_name
         self.git_user_email = git_user_email
         self.clone_branch_directly = clone_branch_directly
+        self.git_basic_authorization = git_basic_authorization
 
         self.type = type if type
         self.platform = platform if platform
@@ -65,6 +69,8 @@ module Match
         self.working_directory = Dir.mktmpdir
 
         command = "git clone #{self.git_url.shellescape} #{self.working_directory.shellescape}"
+        command << " -c http.extraheader='AUTHORIZATION: basic #{self.git_basic_authorization}'" unless self.git_basic_authorization.nil?
+
         if self.shallow_clone
           command << " --depth 1 --no-single-branch"
         elsif self.clone_branch_directly

data/match/lib/match/storage/google_cloud_storage.rb

@@ -97,6 +97,7 @@ module Match
         end
 
         ensure_bucket_is_selected
+        check_bucket_permissions
       end
 
       def currently_used_team_id
@@ -234,74 +235,125 @@ module Match
           end
         end
 
-        # User doesn't seem to have provided a keys file.
-        UI.message("Looks like you don't have a Google Cloud #{DEFAULT_KEYS_FILE_NAME.cyan} file")
-        UI.message("If you have one, make sure to put it into the '#{Dir.pwd}' directory and call it '#{DEFAULT_KEYS_FILE_NAME.cyan}'")
+        # User doesn't seem to have provided a keys file
+        UI.message("Looks like you don't have a Google Cloud #{DEFAULT_KEYS_FILE_NAME.cyan} file yet.")
+        UI.message("If you have one, make sure to put it into the '#{Dir.pwd}' directory and call it '#{DEFAULT_KEYS_FILE_NAME.cyan}'.")
         unless UI.confirm("Do you want fastlane to help you to create a #{DEFAULT_KEYS_FILE_NAME} file?")
           UI.user_error!("Process stopped, run fastlane again to start things up again")
         end
 
-        UI.message("fastlane will help you create a keys file. First, open the following website")
+        UI.message("fastlane will help you create a keys file. Start by opening the following website:")
         UI.message("")
         UI.message("\t\thttps://console.cloud.google.com".cyan)
         UI.message("")
-        UI.input("Press enter once you're logged in")
+        UI.input("Press [Enter] once you're logged in")
 
-        UI.message("Now it's time to generate a new JSON auth file for fastlane to access Google Cloud")
         UI.message("First, switch to the Google Cloud project you want to use.")
-        UI.message("If you don't have one yet, create a new one and switch to it")
+        UI.message("If you don't have one yet, create a new one and switch to it.")
         UI.message("")
-        UI.message("\t\thttps://console.cloud.google.com/apis/credentials".cyan)
+        UI.message("\t\thttps://console.cloud.google.com/projectcreate".cyan)
         UI.message("")
-        UI.input("Ensure the right project is selected on top of the page and confirm with enter")
+        UI.input("Press [Enter] once you selected the right project")
 
-        UI.message("Now create a new JSON auth file by clicking on")
+        UI.message("Next fastlane will show you the steps to create a keys file.")
+        UI.message("For this it might be useful to switch the Google Cloud interface to English.")
+        UI.message("Append " + "&hl=en".cyan + " to the URL and the interface should be in English.")
+        UI.input("Press [Enter] to continue")
+
+        UI.message("Now it's time to generate a new JSON auth file for fastlane to access Google Cloud Storage:")
         UI.message("")
-        UI.message("\t\t 1. Create credentials".cyan)
-        UI.message("\t\t 2. Service account key".cyan)
-        UI.message("\t\t 3. App Engine default service account".cyan)
-        UI.message("\t\t 4. JSON".cyan)
-        UI.message("\t\t 5. Create".cyan)
+        UI.message("\t\t 1. From the side menu choose 'APIs & Services' and then 'Credentials'".cyan)
+        UI.message("\t\t 2. Click 'Create credentials'".cyan)
+        UI.message("\t\t 3. Choose 'Service account key'".cyan)
+        UI.message("\t\t 4. Select 'New service account'".cyan)
+        UI.message("\t\t 5. Enter a name and ID for the service account".cyan)
+        UI.message("\t\t 6. Don't give the service account a role just yet!".cyan)
+        UI.message("\t\t 7. Make sure the key type is set to 'JSON'".cyan)
+        UI.message("\t\t 8. Click 'Create'".cyan)
         UI.message("")
-        UI.input("Confirm with enter once you created and download the JSON file")
+        UI.input("Confirm with [Enter] once you created and downloaded the JSON file")
 
         UI.message("Copy the file to the current directory (#{Dir.pwd})")
         UI.message("and rename it to `#{DEFAULT_KEYS_FILE_NAME.cyan}`")
         UI.message("")
-        UI.input("Confirm with enter")
+        UI.input("Confirm with [Enter]")
 
         until File.exist?(DEFAULT_KEYS_FILE_NAME)
           UI.message("Make sure to place the file in '#{Dir.pwd.cyan}' and name it '#{DEFAULT_KEYS_FILE_NAME.cyan}'")
-          UI.input("Confirm with enter")
+          UI.message("")
+          UI.input("Confirm with [Enter]")
         end
 
         UI.important("Please never add the #{DEFAULT_KEYS_FILE_NAME.cyan} file in version control.")
-        UI.important("Instead please add the file to your .gitignore")
-        UI.input("Confirm with enter")
+        UI.important("Instead please add the file to your `.gitignore` file")
+        UI.message("")
+        UI.input("Confirm with [Enter]")
 
         return DEFAULT_KEYS_FILE_NAME
       end
 
       def ensure_bucket_is_selected
-        # In case the user didn't provide a bucket name yet, they will
-        # be asked to provide one here
+        # Skip the instructions if the user provided a bucket name
+        return unless self.bucket_name.to_s.length == 0
+
+        created_bucket = UI.confirm("Did you already create a Google Cloud Storage bucket?")
         while self.bucket_name.to_s.length == 0
-          # Have a nice selection of the available buckets here
-          # This can only happen after we went through auth of Google Cloud
-          available_bucket_identifiers = self.gc_storage.buckets.collect(&:id)
-          if available_bucket_identifiers.count > 0
-            @bucket_name = UI.select("What Google Cloud Storage bucket do you want to use? (you can define it using the `google_cloud_bucket_name` key)", available_bucket_identifiers)
-          else
-            UI.error("Looks like your Google Cloud account for the project ID '#{self.google_cloud_project_id}' doesn't")
-            UI.error("have any available storage buckets yet. Please visit the following URL")
+          unless created_bucket
+            UI.message("Create a bucket at the following URL:")
             UI.message("")
             UI.message("\t\thttps://console.cloud.google.com/storage/browser".cyan)
             UI.message("")
-            UI.message("and make sure to have the right project selected on top of the page")
-            UI.message("click on " + "Create Bucket".cyan + ", choose a name and confirm")
+            UI.message("Make sure to select the right project at the top of the page!")
             UI.message("")
-            UI.input("Once you're finished, please confirm with enter")
+            UI.message("\t\t 1. Click 'Create bucket'".cyan)
+            UI.message("\t\t 2. Enter a unique name".cyan)
+            UI.message("\t\t 3. Select a geographic location for your bucket".cyan)
+            UI.message("\t\t 4. Make sure the storage class is set to 'Standard'".cyan)
+            UI.message("\t\t 5. Click 'Create' to create the bucket".cyan)
+            UI.message("")
+            UI.input("Press [Enter] once you created a bucket")
+          end
+          bucket_name = UI.input("Enter the name of your bucket: ")
+
+          # Verify if the bucket exists
+          begin
+            bucket_exists = !self.gc_storage.bucket(bucket_name).nil?
+          rescue Google::Cloud::PermissionDeniedError
+            bucket_exists = true
+          end
+          created_bucket = bucket_exists
+          if bucket_exists
+            @bucket_name = bucket_name
+          else
+            UI.error("It looks like the bucket '#{bucket_name}' doesn't exist. Make sure to create it first.")
+          end
+        end
+      end
+
+      def check_bucket_permissions
+        bucket = nil
+        while bucket.nil?
+          begin
+            bucket = self.gc_storage.bucket(self.bucket_name)
+          rescue Google::Cloud::PermissionDeniedError
+            bucket = nil
           end
+          return if bucket.nil? == false
+          UI.error("Looks like your Google Cloud account for the project ID '#{self.google_cloud_project_id}' doesn't")
+          UI.error("have access to the storage bucket '#{self.bucket_name}'. Please visit the following URL:")
+          UI.message("")
+          UI.message("\t\thttps://console.cloud.google.com/storage/browser".cyan)
+          UI.message("")
+          UI.message("You need to give your account the correct permissions:")
+          UI.message("")
+          UI.message("\t\t 1. Click on your bucket to open it".cyan)
+          UI.message("\t\t 2. Click 'Permissions'".cyan)
+          UI.message("\t\t 3. Click 'Add members'".cyan)
+          UI.message("\t\t 4. Enter the email of your service account".cyan)
+          UI.message("\t\t 5. Set the role to 'Storage Admin'".cyan)
+          UI.message("\t\t 6. Click 'Save'".cyan)
+          UI.message("")
+          UI.input("Confirm with [Enter] once you're finished")
         end
       end
     end

data/produce/lib/produce/service.rb

@@ -229,7 +229,13 @@ module Produce
         UI.message("\tPush Notifications")
 
         if on
-          app.update_service(Spaceship.app_service.push_notification.on)
+          # Don't enable push notifications if already enabled
+          # Enabling push notifications when already on revokes certs
+          # https://github.com/fastlane/fastlane/issues/15315
+          # https://github.com/fastlane/fastlane/issues/8883
+          unless app.details.enable_services.include?("push")
+            app.update_service(Spaceship.app_service.push_notification.on)
+          end
         else
           app.update_service(Spaceship.app_service.push_notification.off)
         end

data/scan/lib/scan/error_handler.rb

@@ -6,8 +6,13 @@ module Scan
     class << self
       # @param [String] The output of the errored build
       # This method should raise an exception in any case, as the return code indicated a failed build
-      def handle_build_error(output)
-        # The order of the handling below is import
+      def handle_build_error(output, log_path)
+        # The order of the handling below is important
+
+        instruction = 'See the log'
+        location = Scan.config[:suppress_xcode_output] ? "here: '#{log_path}'" : "above"
+        details = "#{instruction} #{location}."
+
         case output
         when /US\-ASCII/
           print("Your shell environment is not correctly configured")
@@ -23,7 +28,7 @@ module Scan
           print("For more information visit this stackoverflow answer:")
           print("https://stackoverflow.com/a/17031697/445598")
         when /Testing failed/
-          UI.build_failure!("Error building the application - see the log above")
+          UI.build_failure!("Error building the application. #{details}")
         when /Executed/, /Failing tests:/
           # this is *really* important:
           # we don't want to raise an exception here
@@ -38,7 +43,7 @@ module Scan
           # followed by a list of tests that failed.
           return
         end
-        UI.build_failure!("Error building/testing the application - see the log above")
+        UI.build_failure!("Error building/testing the application. #{details}")
       end
 
       private

data/scan/lib/scan/runner.rb

@@ -67,7 +67,7 @@ module Scan
                                               error: proc do |error_output|
                                                 begin
                                                   exit_status = $?.exitstatus
-                                                  ErrorHandler.handle_build_error(error_output)
+                                                  ErrorHandler.handle_build_error(error_output, @test_command_generator.xcodebuild_log_path)
                                                 rescue => ex
                                                   SlackPoster.new.run({
                                                     build_errors: 1

data/sigh/lib/sigh/download_all.rb

@@ -12,7 +12,42 @@ module Sigh
       Spaceship.select_team
       UI.message("Successfully logged in")
 
-      Spaceship.provisioning_profile.all(xcode: download_xcode_profiles).each do |profile|
+      case Sigh.config[:platform].to_s
+      when 'ios'
+        download_profiles(Spaceship.provisioning_profile.all(xcode: download_xcode_profiles))
+        xcode_profiles_downloaded?(xcode: download_xcode_profiles, supported: true)
+      when 'macos'
+        download_profiles(Spaceship.provisioning_profile.all(mac: true, xcode: download_xcode_profiles))
+        xcode_profiles_downloaded?(xcode: download_xcode_profiles, supported: true)
+      when 'tvos'
+        download_profiles(Spaceship.provisioning_profile.all_tvos)
+        xcode_profiles_downloaded?(xcode: download_xcode_profiles, supported: false)
+      end
+    end
+
+    # @param xcode [Bool] Whether or not the user passed the download_xcode_profiles flag
+    # @param supported [Bool] Whether or not this platform supports downloading xcode profiles at all
+    def xcode_profiles_downloaded?(xcode: false, supported: false)
+      if supported
+        if xcode
+          UI.message("This run also included all Xcode managed provisioning profiles, as you used the `--download_xcode_profiles` flag")
+        elsif !xcode
+          UI.message("All Xcode managed provisioning profiles were ignored on this, to include them use the `--download_xcode_profiles` flag")
+        end
+
+      elsif !supported
+        if xcode
+          UI.important("Downloading Xcode managed profiles is not supported for platform #{Sigh.config[:platform]}")
+          return
+        end
+      end
+    end
+
+    # @param profiles [Array] Array of all the provisioning profiles we want to download
+    def download_profiles(profiles)
+      UI.important("No profiles available for download") if profiles.empty?
+
+      profiles.each do |profile|
         if profile.valid?
           UI.message("Downloading profile '#{profile.name}'...")
           download_profile(profile)
@@ -20,19 +55,24 @@ module Sigh
           UI.important("Skipping invalid/expired profile '#{profile.name}'")
         end
       end
-
-      if download_xcode_profiles
-        UI.message("This run also included all Xcode managed provisioning profiles, as you used the `--download_xcode_profiles` flag")
-      else
-        UI.message("All Xcode managed provisioning profiles were ignored on this, to include them use the `--download_xcode_profiles` flag")
-      end
     end
 
+    # @param profile [ProvisioningProfile] A profile we plan to download and store
     def download_profile(profile)
       FileUtils.mkdir_p(Sigh.config[:output_path])
 
       type_name = profile.class.pretty_type
-      profile_name = "#{type_name}_#{profile.uuid}_#{profile.app.bundle_id}.mobileprovision" # default name
+      profile_name = "#{type_name}_#{profile.uuid}_#{profile.app.bundle_id}"
+
+      if Sigh.config[:platform].to_s == 'tvos'
+        profile_name += "_tvos"
+      end
+
+      if Sigh.config[:platform].to_s == 'macos'
+        profile_name += '.provisionprofile'
+      else
+        profile_name += '.mobileprovision'
+      end
 
       output_path = File.join(Sigh.config[:output_path], profile_name)
       File.open(output_path, "wb") do |f|